Articles

Secure Your Small Business Against Social Engineering

09.13.2017

Is your small business protected from the most prevalent form of social engineering—email phishing? Karen Stern, Partner in Charge of Brown Smith Wallace Entrepreneurial Services Group, discusses the importance of setting a strong foundation in two key areas to prevent phishing in your organization, in this month’s “Financial Fitness” column, as featured in Small Business Monthly.

Although there are a number of different types of social engineering attacks, phishing was again the top variety, found in over 90 percent of both incidents and breaches, according to the 2017 Verizon Data Breach Investigations Report. The report also noted that 95 percent of phishing attacks that led to a breach were followed by some form of software installation. The act of manipulating people into disclosing sensitive data continues to be on the rise and it’s important for organizations of all sizes to lay the groundwork for prevention and detection.

Below are the areas of focus to prepare against potential phishing attacks:

Prevention:

Educate users on the signs of phishing emails and where to report them.

Isolate systems so the malware cannot spread.

Consider including [External], [E] or [Not from the CEO!] in the subject line for incoming outside emails.

Create an internal process that includes some form of communication other than email, particularly for large wire transfer requests.

Detection:

Develop an incident response plan that identifies, contains, notifies and resolves the incident.

Expire credentials that may have been compromised.

Understand where infected users have system access.

Work with your financial institution to block and alert on irregular activity such as large transfers of funds.

If you are not sure what records to include in your policy, it’s worth the investment to establish a specific records retention policy.

Brown Smith Wallace is a nationally ranked top 100 full-service CPA and business advisory firm. We are based in St. Louis with a total staff of more than 300 professionals to serve your needs and help you achieve your growth goals.

Brown Smith Wallace hosts several events throughout the year for our clients and the broader business community. These events are an opportunity for others to learn more about Brown Smith Wallace, broaden their networks and hear updates on critical issues.

Our people are an essential component to the firm's success. In this section of the site, explore the career experiences, opportunities and benefits Brown Smith Wallace offers its Family members and learn why we are The Firm for Growth.